package com.juntuo.shiro;

import com.juntuo.entity.Role;
import com.juntuo.entity.User;
//import com.juntuo.service.RoleService;
import com.juntuo.service.RoleService;
import com.juntuo.service.UserService;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.HashSet;
import java.util.List;
import java.util.Set;

/**
 * 登录认证 realm
 * @author Derek
 * @create 2016/11/29
 */
public class MyRealm extends AuthorizingRealm {

    @Autowired
    private UserService userService;

    @Autowired
    private RoleService roleService;

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        User user = (User)principals.getPrimaryPrincipal();
        Role role = new Role();
        role.setId(user.getRoleId());
        role = roleService.selectOne(role);

        //查询角色权限
        Set<String> roles = new HashSet<String>();
//        Set<String> permissions = new HashSet<String>();
//        List<Role> roleList = null;
        roles.add(role.getType().toString());
        //角色不能为空
//        if(!CollectionUtils.isEmpty(roleIds)){
//            roleList = roleDao.query().in("roleId", roleIds).results();
//        }
//
//        if(!CollectionUtils.isEmpty(roleList)){
//            for(Role role : roleList){
//                Map<String,String[]> permMap = role.getPermission();
//                if(CollectionUtils.isEmpty(permMap)){
//                    continue;
//                }
//                for (Map.Entry<String, String[]> entry : permMap.entrySet()) {
//                    String roleKey = entry.getKey();
//                    roles.add(roleKey);
//                    String[] values = entry.getValue();
//                    for(int i =0;i<values.length;i++){
//                        permissions.add(getPermStirng(roleKey, values[i]));
//                    }
//                }
//            }
//        }

        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
//        info.setRoles(roles);
//        info.setStringPermissions(permissions);
        info.setRoles(roles);
        info.setStringPermissions(null);
        return info;
    }

    /**
     * 验证当前登录的Subject
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(
            AuthenticationToken authcToken) throws AuthenticationException {
        UsernamePasswordToken token = (UsernamePasswordToken)authcToken;
        String username = token.getPrincipal().toString();
        User user = new User();
        user.setUsername(username);
        User user1 = userService.selectOne(user);
        //账号不存在
        if(user1 == null){
            throw new UnknownAccountException("账号或密码不正确");
        }

        //账号被禁用
//        if(user.getIsForbidden()){
//            throw new LockedAccountException("账号已被锁定,请联系管理员");
//        }

        //app or web  web:仅后台 app:仅APP both:两者 nor： 都不可以
        /*String loginType = user.getLoginType();
        String loginSource = token.getHost();

        if(null == loginSource || null == loginType){
            //无效登录
            throw new AccountLoginTypeExcetion("该用户无权登录");
        }
        if(!LoginTypeEnum.BOTH.getCode().equals(loginType)
                && !loginSource.equals(loginType)){
            throw new AccountLoginTypeExcetion("该用户无权登录");
        }*/





        SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user1, user1.getPassword(), getName());
        return info;
    }


    /**
     * @Description: 权限分隔符
     * @param operation
     * @return String
     * @throws
     */
//    private static String getPermStirng(String perm, String operation){
//        if(perm == null || perm ==""){
//            return null;
//        }
//        return perm + Constants.SHIRO_PERM + operation;
//    }
}
